通信学报2025,Vol.46Issue(4):160-173,14.DOI:10.11959/j.issn.1000-436x.2025067
基于可解释人工智能的流量对抗样本攻击及防御方法
Traffic adversarial example attack and defense method based on explainable artificial intelligence
摘要
Abstract
An adversarial example attack method based on XAI was proposed for AI-based NIDS.By identifying critical perturbation features with XAI and applying targeted perturbations while preserving traffic functionality,malicious traf-fic was gradually altered to be misclassified as benign,achieving adversarial traffic sample attacks.This approach re-duced the number of required perturbation features,enhancing attack stealthiness.The identified features showed consis-tency across classifiers,giving attack samples robust transferability.For defense,a defense method based on adversarial training was proposed to boost NIDS robustness.Experiments show high attack success and transfer rates,and the pro-posed defense method effectively lowers adversarial example attack success rates,enhancing system robustness.关键词
对抗样本攻击/可解释人工智能/网络入侵检测/恶意对抗流量Key words
adversarial example attack/explainable artificial intelligence/network intrusion detection/malicious adver-sarial traffic分类
信息技术与安全科学引用本文复制引用
马博文,郭渊博,田继伟,马骏,胡永进..基于可解释人工智能的流量对抗样本攻击及防御方法[J].通信学报,2025,46(4):160-173,14.基金项目
国家自然科学基金资助项目(No.62402520) (No.62402520)
国家社会科学基金资助项目(No.2022-SKJJ-B-057) (No.2022-SKJJ-B-057)
陕西省自然科学基金资助项目(No.2024JC-YBQN-0620) The National Natural Science Foundation of China(No.62402520),The National Social Science Fund of China(No.2022-SKJJ-B-057),Shaanxi Provincial Natural Science Foundation(No.2024JC-YBQN-0620) (No.2024JC-YBQN-0620)
